/**
 * Presents the {@code JWT_INVALID} fixture to the provider and expects the
 * authentication to be rejected with a non-null failure cause.
 */
@Test
public void testInvalidJWT() {
  JsonObject credentials = new JsonObject().put("jwt", JWT_INVALID);

  authProvider.authenticate(credentials, onFailure(cause -> {
    // a rejection must always carry a cause the caller can inspect
    assertNotNull(cause);
    testComplete();
  }));

  await();
}
/**
 * Presents the {@code JWT_VALID} fixture to the provider and expects a
 * non-null authentication result.
 */
@Test
public void testValidJWT() {
  JsonObject credentials = new JsonObject().put("jwt", JWT_VALID);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    testComplete();
  }));

  await();
}
/**
 * Issues a token whose issuer is {@code https://vertx.io} and authenticates it
 * while asking, through the per-request {@code options} object, for that same
 * issuer. The matching issuer is expected to be accepted.
 */
@Test
public void testGoodIssuer() {
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions().setIssuer("https://vertx.io"));
  assertNotNull(token);

  // the expected issuer travels with the credentials rather than the provider config
  JsonObject expectations = new JsonObject().put("issuer", "https://vertx.io");
  JsonObject credentials = new JsonObject()
    .put("jwt", token)
    .put("options", expectations);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    testComplete();
  }));

  await();
}
/**
 * With a leeway of 0 seconds, a token whose {@code iat} lies 2 seconds in the
 * future is expected to be rejected.
 */
@Test
public void testLeeway2() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(0)));

  // issued-at is deliberately 2 seconds ahead of the local clock
  long issuedAt = (System.currentTimeMillis() / 1000) + 2;

  String token = authProvider.generateToken(
    new JsonObject()
      .put("sub", "Paulo")
      .put("iat", issuedAt));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  // fail because iat is > now (clock drifted 2 sec) and no leeway is allowed
  authProvider.authenticate(credentials, onFailure(cause -> testComplete()));

  await();
}
/**
 * With a leeway of 5 seconds, a token whose {@code exp} and {@code iat} are
 * both "now" is expected to be accepted. Compare {@code testLeeway}, which
 * expects the same {@code exp} to be rejected when the leeway is 0.
 */
@Test
public void testLeeway3() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(5)));

  long epochSeconds = System.currentTimeMillis() / 1000;

  String token = authProvider.generateToken(
    new JsonObject()
      .put("sub", "Paulo")
      .put("exp", epochSeconds)
      .put("iat", epochSeconds));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  // expected to pass: exp is <= now, but the 5 sec leeway is configured
  authProvider.authenticate(credentials, onSuccess(user -> testComplete()));

  await();
}
/**
 * With a leeway of 0 seconds, a token whose {@code exp} equals the current
 * second is expected to be rejected.
 */
@Test
public void testLeeway() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(0)));

  long expiresAt = System.currentTimeMillis() / 1000;

  String token = authProvider.generateToken(
    new JsonObject()
      .put("sub", "Paulo")
      .put("exp", expiresAt));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  // fail because exp is <= to now
  authProvider.authenticate(credentials, onFailure(cause -> testComplete()));

  await();
}
/**
 * With a leeway of 5 seconds, a token whose {@code iat} lies 2 seconds in the
 * future is expected to be accepted.
 */
@Test
public void testLeeway4() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(5)));

  // issued-at is deliberately 2 seconds ahead of the local clock
  long issuedAt = (System.currentTimeMillis() / 1000) + 2;

  String token = authProvider.generateToken(
    new JsonObject()
      .put("sub", "Paulo")
      .put("iat", issuedAt));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  // pass because iat is > now (clock drifted 2 sec) and we have a leeway of 5sec
  authProvider.authenticate(credentials, onSuccess(user -> testComplete()));

  await();
}
/**
 * Issues a token for audiences {@code a}, {@code b} and {@code c} and
 * authenticates it while asking for audiences {@code b} and {@code d}.
 * Success is expected even though only {@code b} is common to both lists.
 */
@Test
public void testGoodAudience() {
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions().addAudience("a").addAudience("b").addAudience("c"));
  assertNotNull(token);

  // requested audiences overlap the token's audiences on "b" only
  JsonArray requestedAudiences = new JsonArray().add("b").add("d");
  JsonObject credentials = new JsonObject()
    .put("jwt", token)
    .put("options", new JsonObject().put("audience", requestedAudiences));

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    testComplete();
  }));

  await();
}
/**
 * Authenticates with the {@code JWT_VALID} fixture and checks that the
 * resulting user is not authorized for the {@code drop} permission.
 */
@Test
public void testJWTInvalidPermission() {
  JsonObject credentials = new JsonObject().put("jwt", JWT_VALID);

  authProvider.authenticate(credentials, onSuccess(principal -> {
    assertNotNull(principal);

    // the authorization query itself succeeds; its answer must be "denied"
    principal.isAuthorized("drop", onSuccess(granted -> {
      assertFalse(granted);
      testComplete();
    }));
  }));

  await();
}
/**
 * Authenticates with the {@code JWT_VALID} fixture and queries the
 * {@code write} permission on the resulting user.
 */
@Test
public void testJWTValidPermission() {
  JsonObject credentials = new JsonObject().put("jwt", JWT_VALID);

  authProvider.authenticate(credentials, onSuccess(principal -> {
    assertNotNull(principal);

    principal.isAuthorized("write", onSuccess(granted -> {
      // NOTE(review): only non-null is asserted, so this passes whether the
      // permission is granted or denied. Once it is confirmed that JWT_VALID
      // carries "write", tighten this to assertTrue(granted).
      assertNotNull(granted);
      testComplete();
    }));
  }));

  await();
}
/**
 * Generates a token with default {@link JWTOptions} and checks that the
 * authenticated principal contains an {@code iat} claim.
 */
@Test
public void testTokenWithTimestamp() {
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions());
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    // no "iat" was put in the payload, yet the principal is expected to have one
    assertTrue(user.principal().containsKey("iat"));
    testComplete();
  }));

  await();
}
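/**
 * Pins the behaviour of a provider created from empty {@link JWTAuthOptions}
 * (no secret, key or keystore is configured here): it generates a token with
 * algorithm {@code none} and then accepts that same unsigned token.
 *
 * <p>NOTE(review): the success asserted here means a provider without key
 * material treats unsigned tokens as authentic. The tests visible alongside
 * this one do not include the complementary case, that a provider configured
 * with a secret or keystore rejects an {@code alg: none} token; confirm that
 * such a test exists elsewhere.
 */
@Test
public void testAlgNone() {
  // local provider on purpose: it shadows the shared field and has no keys at all
  JWTAuth authProvider = JWTAuth.create(vertx, new JWTAuthOptions());

  // Expiry is derived from the clock. A fixed epoch literal for "exp" turns the
  // test into a time bomb: once the wall clock passes it the token is expired
  // and the success expectation below can no longer hold.
  long expiresAt = (System.currentTimeMillis() / 1000) + 3600;

  JsonObject payload = new JsonObject()
    .put("sub", "UserUnderTest")
    .put("aud", "OrganizationUnderTest")
    .put("iat", 1431695313)
    .put("exp", expiresAt)
    .put("roles", new JsonArray().add("admin").add("developer").add("user"))
    .put("permissions", new JsonArray().add("read").add("write").add("execute"));

  final String token = authProvider.generateToken(
    payload,
    new JWTOptions().setSubject("UserUnderTest").setAlgorithm("none"));
  assertNotNull(token);

  JsonObject authInfo = new JsonObject().put("jwt", token);

  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));

  await();
}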
/**
 * Generates a token that expires after 1 second (and carries no timestamp),
 * waits 2 seconds on a Vert.x timer, and expects authentication to fail with a
 * non-null cause.
 */
@Test
public void testExpiration() {
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions().setExpiresInSeconds(1).setNoTimestamp(true));
  assertNotNull(token);

  // authenticate only after the 1 second lifetime has elapsed
  vertx.setTimer(2000L, timerId -> {
    JsonObject credentials = new JsonObject().put("jwt", token);

    authProvider.authenticate(credentials, onFailure(cause -> {
      assertNotNull(cause);
      testComplete();
    }));
  });

  await();
}
/**
 * Configures the provider to expect issuer {@code https://vertx.io}, then
 * presents a token issued as {@code https://auth0.io}. The mismatch is
 * expected to be rejected with a non-null cause.
 */
@Test
public void testBadIssuer() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setIssuer("https://vertx.io")));

  // the token is generated with a different issuer than the provider is configured with
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions().setIssuer("https://auth0.io"));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  authProvider.authenticate(credentials, onFailure(cause -> {
    assertNotNull(cause);
    testComplete();
  }));

  await();
}
/**
 * Validates a fixed, pre-built token against a provider configured with the
 * HS256 secret {@code notasecret} and expects authentication to succeed.
 * The secret is a test fixture hard-coded in this method.
 */
@Test
public void testValidateTokenWithValidMacSecret() {
  String presignedToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MDE3ODUyMDZ9.08K_rROcCmKTF1cKfPCli2GQFYIOP8dePxeS1SE4dc8";

  SecretOptions macSecret = new SecretOptions()
    .setType("HS256")
    .setSecret("notasecret");
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions().addSecret(macSecret));

  JsonObject credentials = new JsonObject().put("jwt", presignedToken);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    testComplete();
  }));

  await();
}
/**
 * Generates a token with a 5 minute expiry and {@code noTimestamp} enabled,
 * then checks that the authenticated principal has an {@code exp} claim but no
 * {@code iat} claim.
 */
@Test
public void testTokenWithoutTimestamp() {
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions().setExpiresInMinutes(5).setNoTimestamp(true));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    // expiry is still present even though the issued-at timestamp was suppressed
    assertTrue(user.principal().containsKey("exp"));
    assertFalse(user.principal().containsKey("iat"));
    testComplete();
  }));

  await();
}
/**
 * Validates the same fixed token used by
 * {@code testValidateTokenWithValidMacSecret} against a provider configured
 * with a different HS256 secret ({@code a bad secret}) and expects the
 * authentication to be rejected with a non-null cause.
 */
@Test
public void testValidateTokenWithInvalidMacSecret() {
  String presignedToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MDE3ODUyMDZ9.08K_rROcCmKTF1cKfPCli2GQFYIOP8dePxeS1SE4dc8";

  SecretOptions wrongSecret = new SecretOptions()
    .setType("HS256")
    .setSecret("a bad secret");
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions().addSecret(wrongSecret));

  JsonObject credentials = new JsonObject().put("jwt", presignedToken);

  authProvider.authenticate(credentials, onFailure(cause -> {
    assertNotNull(cause);
    testComplete();
  }));

  await();
}
/**
 * Round-trips a token through a provider configured with the HS256 secret
 * {@code notasecret}: the token is generated with algorithm {@code HS256} and
 * then authenticated by the same provider.
 */
@Test
public void testGenerateNewTokenWithMacSecret() {
  SecretOptions macSecret = new SecretOptions()
    .setType("HS256")
    .setSecret("notasecret");
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions().addSecret(macSecret));

  String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("HS256"));
  assertNotNull(token);

  // reverse direction: the token just generated must also validate
  JsonObject credentials = new JsonObject().put("jwt", token);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    testComplete();
  }));

  await();
}
/**
 * Configures the provider to expect audiences {@code e} and {@code d}, then
 * presents a token issued for audiences {@code a}, {@code b} and {@code c}.
 * With no audience in common, authentication is expected to fail with a
 * non-null cause.
 */
@Test
public void testBadAudience() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addAudience("e")
      .addAudience("d")));

  // none of the token's audiences appears in the provider's configured list
  final String token = authProvider.generateToken(
    new JsonObject().put("sub", "Paulo"),
    new JWTOptions().addAudience("a").addAudience("b").addAudience("c"));
  assertNotNull(token);

  JsonObject credentials = new JsonObject().put("jwt", token);

  authProvider.authenticate(credentials, onFailure(cause -> {
    assertNotNull(cause);
    testComplete();
  }));

  await();
}
/**
 * Round-trips a token through a provider backed by the {@code gce.jks}
 * keystore: the token is generated with algorithm {@code RS256} forced through
 * {@link JWTOptions} and then authenticated by the same provider. The keystore
 * path and password are test fixtures hard-coded in this method.
 */
@Test
public void testGenerateNewTokenForceAlgorithm() {
  KeyStoreOptions keyStore = new KeyStoreOptions()
    .setPath("gce.jks")
    .setType("jks")
    .setPassword("notasecret");
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions().setKeyStore(keyStore));

  String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("RS256"));
  assertNotNull(token);

  // reverse direction: the token just generated must also validate
  JsonObject credentials = new JsonObject().put("jwt", token);

  authProvider.authenticate(credentials, onSuccess(user -> {
    assertNotNull(user);
    testComplete();
  }));

  await();
}